Abstract


SCADA StrangeLove is a group of security researchers focused on ICS/SCADA security to save Humanity from industrial disaster and to keep Purity Of Essence. In spare time. During working hours we work on research and security assessment at Positive Technologies.

[Abstract] This talk will share the SCADA StrangeLove team's experience of penetration testing in ICS environments, from the network level to the application level and from 0-day hunting to project management: toolkit, tips and tricks, and real-world examples. What you should do and what you must never do. SCADA StrangeLove hopes this talk will help you to win the Choo Choo Pwn prize.

1. Tilting at windmills: ICS pentest project management
a. ICS security assessment projects goals: declarations and reality
b. Threat modelling: traditional vs ICS
c. Between Security, ICS team and Vendor
d. Choosing the right approach: from hardcore hacking to paparazzi-style audit
2. Playing with networks
a. ICS protocol overview
b. Toolkit
c. Cases
3. Rooting the PLC: don't even try
4. OS/DB/Application
a. Why you don't need Magic SCADA Exploit Pack
b. How to find SCADA 0day
c. Toolkit
5. I'm the Lord of the SCADA
a. OK, I got it. What can I do?
b. Owning ICS stuff
6. Hunting the operator: ICS network "forensic"
7. Jumping to business level
a. Knockin' on management team
b. BUZZness case: fraud, shmaud and figaud
c. Pentest to regulatory compliance mapping
d. Ashes and Hopelessness

Slides